Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4deWDM0qwtM9c2VPpC27frtAoxw.roa
File: 4deWDM0qwtM9c2VPpC27frtAoxw.roa (raw, json)
Hash identifier: XUMvKXgNd58sr73w0g4Wen7sOcwwAjRfDr0jDFQlLZA=
Subject key identifier: E1:D7:96:0C:CD:2A:C2:D3:3D:73:65:4F:A4:2D:BB:7E:BB:40:A3:1C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01980D2E3521A410439B45ED4F063A80AB06
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4deWDM0qwtM9c2VPpC27frtAoxw.roa
Signing time: Tue 15 Jul 2025 08:23:08 +0000
ROA not before: Tue 15 Jul 2025 08:23:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.228.0/24 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.23.0/24 maxlen: 24
87.229.97.0/24 maxlen: 24
87.229.108.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:2e:35:21:a4:10:43:9b:45:ed:4f:06:3a:80:ab:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 15 08:23:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1d7960ccd2ac2d33d73654fa42dbb7ebb40a31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9a:fd:60:10:e6:fd:87:cc:20:17:c8:ae:29:
3d:10:89:58:44:b8:3e:1b:a2:ca:c4:84:a7:c8:bd:
67:14:2f:f5:3e:f3:c0:a1:25:6f:d5:8d:18:b2:9a:
b3:ba:31:97:fd:36:54:f7:f2:35:2e:91:55:95:4c:
cc:cd:f5:76:ff:74:19:84:a4:f4:af:5f:18:ea:f4:
a3:30:af:c4:dd:02:4a:d3:43:68:d9:d7:4c:05:75:
b7:6b:56:63:f8:ff:9e:24:9e:37:08:cb:12:66:68:
c2:54:64:39:6c:74:44:ff:92:03:41:0c:0e:56:fc:
01:52:13:1d:1d:74:ec:e1:3d:1a:a7:93:78:51:12:
b5:25:b8:29:83:9c:9d:e6:71:44:1f:48:d3:73:85:
a2:8e:ee:37:8e:1a:75:75:3a:34:57:f0:c7:b3:02:
fa:f1:ef:a0:0a:43:4e:6d:a6:79:51:73:fd:3a:f9:
63:c8:9d:bd:c5:fe:37:43:0e:f3:0c:73:b5:8f:12:
9c:8d:2a:4e:0a:cc:15:d5:e2:c1:91:e6:21:eb:13:
ad:f6:73:07:28:96:82:ce:8b:16:be:bc:5e:c9:73:
07:56:3c:f0:40:91:dc:a9:4c:ec:97:a3:3d:3c:ea:
c6:21:1a:6e:b2:07:63:0d:d8:7a:b5:67:ad:3b:72:
6a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D7:96:0C:CD:2A:C2:D3:3D:73:65:4F:A4:2D:BB:7E:BB:40:A3:1C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4deWDM0qwtM9c2VPpC27frtAoxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.228.0/24
79.172.250.0/23
87.229.8.0/22
87.229.23.0/24
87.229.97.0/24
87.229.108.0/24
87.229.112.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:33:d6:20:bc:3f:b9:8d:76:97:87:ba:04:c8:06:99:63:5a:
6d:c6:8f:1e:55:c0:a5:95:12:90:bb:0c:b0:e0:c7:f5:e3:b3:
62:61:4d:72:ab:e9:38:78:06:d2:4e:22:fa:36:a4:aa:ff:2b:
d5:14:c8:7f:62:45:64:57:c7:f7:5e:d3:90:66:ea:28:71:83:
eb:36:5a:01:d3:15:59:b5:f7:af:b8:01:81:aa:60:f3:b4:60:
d1:b1:7c:40:4e:1b:18:e9:14:56:2d:26:db:96:81:0a:f8:70:
b6:eb:d5:9b:3d:aa:cb:cb:e6:4f:72:d8:35:c6:d3:6f:0b:b3:
09:02:5e:3a:53:bd:b6:ad:14:92:81:57:eb:70:c1:1d:7f:e8:
08:e2:f3:46:a9:b8:d9:65:81:e0:ed:4f:52:b7:32:6c:32:a6:
97:ee:c7:ef:7b:d2:75:57:d2:78:35:1d:40:63:47:98:01:53:
c9:2a:97:e7:64:74:dc:d1:c9:17:73:56:e9:6a:fe:28:ea:75:
25:6d:e5:83:d3:ba:19:f1:4e:cb:85:e1:af:a6:0f:68:f6:2e:
b1:43:bc:97:65:86:2f:e0:8f:13:15:0e:59:87:67:40:98:86:
6c:76:ef:86:d3:f9:37:44:96:82:ac:2a:f2:ef:bc:b4:88:49:
4a:e5:51:dc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgNLjUhpBBDm0XtTwY6gKsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNzE1MDgyMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ3OTYwY2NkMmFjMmQzM2Q3MzY1NGZhNDJkYmI3ZWJiNDBhMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupr9YBDm/YfMIBfIrik9EIlYRLg+
G6LKxISnyL1nFC/1PvPAoSVv1Y0YspqzujGX/TZU9/I1LpFVlUzMzfV2/3QZhKT0
r18Y6vSjMK/E3QJK00No2ddMBXW3a1Zj+P+eJJ43CMsSZmjCVGQ5bHRE/5IDQQwO
VvwBUhMdHXTs4T0ap5N4URK1Jbgpg5yd5nFEH0jTc4Wiju43jhp1dTo0V/DHswL6
8e+gCkNObaZ5UXP9OvljyJ29xf43Qw7zDHO1jxKcjSpOCswV1eLBkeYh6xOt9nMH
KJaCzosWvrxeyXMHVjzwQJHcqUzsl6M9POrGIRpusgdjDdh6tWetO3JqLwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOHXlgzNKsLTPXNlT6Qtu367QKMcMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNGRlV0RNMHF3dE05YzJWUHBDMjdmcnRBb3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBT6zIAwQA
T6zkAwQBT6z6AwQCV+UIAwQAV+UXAwQAV+VhAwQAV+VsAwQAV+VwMA0GCSqGSIb3
DQEBCwUAA4IBAQBaM9YgvD+5jXaXh7oEyAaZY1ptxo8eVcCllRKQuwyw4Mf147Ni
YU1yq+k4eAbSTiL6NqSq/yvVFMh/YkVkV8f3XtOQZuoocYPrNloB0xVZtfevuAGB
qmDztGDRsXxAThsY6RRWLSbbloEK+HC269WbParLy+ZPctg1xtNvC7MJAl46U722
rRSSgVfrcMEdf+gI4vNGqbjZZYHg7U9StzJsMqaX7sfve9J1V9J4NR1AY0eYAVPJ
KpfnZHTc0ckXc1bpav4o6nUlbeWD07oZ8U7LheGvpg9o9i6xQ7yXZYYv4I8TFQ5Z
h2dAmIZsdu+G0/k3RJaCrCry77y0iElK5VHc
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:16:34 2025 by rpki-client